Lots of issue..

Discussion in 'privacy general' started by shyam, Dec 6, 2004.

Thread Status:
Not open for further replies.
  1. shyam

    shyam Registered Member

    Joined:
    Jul 20, 2004
    Posts:
    12
    Hello,

    It appears to me that I have few issues on my windows 2000 box. Please help me to get rid of it. Few of the problems are :

    1) I am continously getting email which has subject line " Mail Delivery (failure shyam@******.com)" from email id which seems to be valid in most of the case. But in reality, I never sent any emails to that ids. The content of email is even more intresting. It says something like this :

    If the message will not displayed automatically,follow the link to read the delivered message.

    Received message is available at:

    www.*******.com/inbox/shyam/read.php?sessionid-8827


    Please tell me what it's and how can I get rid of it ?

    2) Secondly, I also getting emails at regular interval which has attachments of 24 bytes which has only 1-2 line of text like, Please read the important document, important document for you etc..

    Help me to get rid of it also.

    3)My computer takes lot of time in booting. It takes more then 6-7 minutes to show me the desktop.

    Please guide me step by step..

    Thanks in advance.

    Shyam
     
  2. dog

    dog Guest

    Hi Shyam, ;)

    Depending on what email client you use ... you can block those emails. ;)

    For Outlook Express ... open OE ...select "tools" then message rules, then block senders list ... and add the offending addresses.

    Outlook is ... Highlight the offending email , and select Actions ... then add to junk senders list.

    Other clients have options as well ... if you aren't using either of these ... specify which client you're using and someone will provide direction.

    As far as the slow boot ... are you experiencing any other problems with your PC?

    dog - *puppy*
     
  3. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
  4. shyam

    shyam Registered Member

    Joined:
    Jul 20, 2004
    Posts:
    12
    Thank you dog for quick reply.

    Dog, the problem is each and everytime I recieved the similar type of emails from different email id. And, the frequency of email is 4-5 mails per day. FYI... I'm using Outlook express 2000.


    As far as slow booting is concern then I did feel that computer oftenly hangs for a few seconds. If I open, real player, OE, 2-3 IE window then computer shows am using 100% resource that appears quite strange to me.

    Shyam
     
  5. dog

    dog Guest

    Are the emails from the same domain? If they are ... and you don't receive any legit emails from that domain ... you could block the whole domain. (ie. microsoft.com)

    Other than that ... you will either have to keep blocking individual address, until they're all blocked. Or you can change your email address.

    Added note: Only use your real email address for personal use ... and setup a dummy account, with a free web email provider, for other things.

    As for the other problems, you probably are infected with some type of malware. See the link Snowbound provided above. ;)

    Steve
     
  6. shyam

    shyam Registered Member

    Joined:
    Jul 20, 2004
    Posts:
    12
    Snowbound, Thanks for the URL !

    I could have the malware.. But,

    1) Does it mean that in order to remove the malware I need to install all those software( 8-10) which is mentioned in the URL?

    2) Secondly, I have windows 2000 operating system with service pack 4. I am using Norton 2003 having virus defination 12/4/2004.

    Thanks for the response.
     
  7. shyam

    shyam Registered Member

    Joined:
    Jul 20, 2004
    Posts:
    12
    Thanks for the response. This forum is really great...

    Steve, am getting those emails from hotmail, Yahoo, msn and other famous domain. Secondly, that is my office account. I can't change it.. Lots of office email is coming every day on it.

    Yes, I also have the same opinion as snowbound..

    Shyam
     
  8. dog

    dog Guest

    If you wish ... Computer Cops (now known as Castle Cops ) - http://computercops.biz/index.php ... does provide HJT log cleaning service (free) ... read the FAQ before posting ... you can DL ... Hijack This from here - http://www.spywareinfoforum.com/~merijn/downloads.html ... Do NOT fix anything yourself as most of what is displayed is necessary for your PC to function. An expert will guide you through the process. Which will simplify the shown process greatly . ;) ... If your company is a larger one ... be sure to check with the IT dept. and/or the companies policies to make sure you are within your rights to proceed with this.


    Steve
     
  9. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Well, in order to aradicate most Malware, following all the steps is best.

    As dog said, u can simplify the process by posting a hijackthis log at one of the sites listed here,

    https://www.wilderssecurity.com/showthread.php?t=50662



    snowbound
     
  10. Newkid

    Newkid Spyware Fighter

    Joined:
    Apr 29, 2004
    Posts:
    225
    Location:
    Memphis
    Hello Shyam,

    Welcome to Wilders :)

    Shyam, your machine is infected with W32.Netsky.P@mm virus. I'd strongly recommend you to scan machine fully with Norton Antivirus in safe mode.

    Boot your machine in safe mode by tapping F8 key at startup and then scan all the drives fully with Norton Antivirus.

    Then, Reboot your machine again and boot in normal mode. Go here and download the removal tool.

    Print this page for instructions.

    When you've done all, reboot your machine and let us know the outcome before you move to castlecops.
     
  11. shyam

    shyam Registered Member

    Joined:
    Jul 20, 2004
    Posts:
    12
    Hello Newkid,

    Thank You Very Much !

    You are very true... I did scan computer with updated Norton Antivirus. It found few infected files and successfully remove it from my computer. As you said, then I installed the removal tool and follow the instructions mentioned in the URL. Removal tool also found few changes in the registry and successfully patch it. I think, first issues has been sorted. Thank you ! :)

    What about my other queries ? Shall I go ahead now and post the hijackthis log at CASTLECOPS ?

    Thanks Snowbound for the URL. I'll check it later on.

    Shyam
     
  12. Newkid

    Newkid Spyware Fighter

    Joined:
    Apr 29, 2004
    Posts:
    225
    Location:
    Memphis
    Shyam, I guess, your two issues has been sorted now. :D

    If you wish....As Steve( Dog) said, Computer Cops does provide the HJT cleaning services. You can show them the log for review.

    As far as the third queries are concern then will you please tell us something about your machine configuration ?
     
  13. shyam

    shyam Registered Member

    Joined:
    Jul 20, 2004
    Posts:
    12
    Thanks Newkid for the response and sorry for delay. I was bit busy in my office work.

    There is one bad news. Yesterday, I again received one such type of email.. :'( Does it means that am again infected with the same virus as you mentioned in your post ? :doubt:

    Secondly, my system configuration as follows :

    Microsoft Windows 2000 5.00.2195 with Service Pack 4
    Interl Celeron CPU 1.70 Ghz
    512 MB SD RAM
    40 GB Hard disk

    Please tell me do you want other details as well.

    Thirdly, I noticed one more issue on my computer. I have 2 NTFS, 20 GB each, partition . I find that both of my disk is shared automatically with a shared name C$ and D$. Everytime, I have to disable the share but as soon as I reboot computer, It comes automatically. Is it any defect ?? Am worried because my computer is on the net almost 10-12 hours per day.

    Please help me.
    Shyam
     
  14. Newkid

    Newkid Spyware Fighter

    Joined:
    Apr 29, 2004
    Posts:
    225
    Location:
    Memphis
    Shyam, it's better to take one problem at a time. :)

    Did you again open the attachment ? If not then I guess this time you received such email not because of your machine. One of your frnd list(email list) is infected with this worm and from their the worm harvested your address. And if yes, then please do all the things which were told you to do earlier.

    At the end, did you post your log at Castlecops or any of the other website ?

    With Thanks !
    Newkid
     
Thread Status:
Not open for further replies.